Girlfriend's Computer was infected, now operating slowly...

Does your girlfriend take this computer online? If so, the log is surprisingly clean considering there is no antivirus or third party firewall software running.

Has there been some other malware infection in the recent past? The log does seem to indicate that possibility. Please post back the answer before we continue. Thanks!

I wouldn't go so far as to say yet that it's clean. It appears that your previous spyware problem may have been removed ok but left behind a number sequencing issue with your "Layered Service Provider". This COULD account for the slow performance you've described. The "Layered Service Provider" is software your computer uses for networking services.
Was she having connection problems?

Spyware can use that software to keep track of a users online habits.

The problem that sometimes occurs when spyware is removed, is the software used to remove the offending file that used the LSP failed to recreate the stack in the proper order.

I don't expect you to fully understand all of that but at least I thought I'd try to briefly explain why I am including the next instruction. We can fix this numbering sequence issue very easily:
Download LSPFix from here or here.
1. Disconnect from the Internet, go to the LSPfix file and extract/unzip LSP-Fix into its own folder C:\lspfix>.
2. Open the lspfix folder and double-click on LSPFix.exe to start the program.
3. Check the " I know what I am doing" checkbox.
4. Now, since there are no bad files to remove, just the sequence issue, just click " Finish" and LSPfix will restore the chain numbers.

Reboot the computer and post a fresh HijackThis log and we'll take another look. Is it running any better?

Before I take another look at this log, although the lspfix indicated no changes were necessary, did you click the "Finish" button?
If you did not click "Finish" but instead just closed the application then the lspfix will not restore the chain numbers which could account for the reason you still experience a slow connection.

Your slow connection may well be the result of some other anomaly but without knowing first whether you completed the previous instruction I hesitate to continue. Please post back the answer before I make any more suggestions. Thanks!

Please perform a scan with F-Secure Online Scanner
Follow the directions in the F-Secure page for proper Installation.
1. Click on the link " F-Secure Online Scanner".
2. You may receive an alert on the address bar at this point to install the ActiveX control.
3. Click on that alert and then click " Install ActiveX component".
4. Read the license agreement and click " Accept".
5. Click " Custom Scan" and be sure the following are checked:

• Scan whole System
• Scan all files
• Scan whole system for rootkits
• Scan whole system for spyware
• Scan inside archives
• Use advanced heuristics

6. When the scan completes, click the " I want to decide item by item" button.7. For each item found, Select " Disinfect" and click " Next".
8. When done, click the " Show Report" button, then copy and paste the entire report into your next reply.

OK, 12 spyware cookies remain. Can you post a fresh HijackThis log please and advise if the system is still running slow?

Please select and install One of these free antivirus applications:
AVG Free for Windows
AntiVir Personal Edition Classic
Avast! 4 Home Edition
After successful installation, please reboot the computer.

---

Please select and install one of these free Firewall applications:
ZoneAlarm Free Version
Outpost Free
Kerio

When the installation completes successfully, reboot the computer.

---

Download AVG Anti-Spyware v7.5
( This is Ewido 4.0 renamed. If you already have Ewido installed, please update to this version which has a special "clean driver" for removing persistent malware)

• After download, double click on the file to launch the install process.
• Choose a language, click "OK" and then click "Next".
• Read the "License Agreement" and click "I Agree".
• Accept default installation path: C:\Program Files\Grisoft\AVG Anti-Spyware 7.5, click "Next", then click "Install".
• After setup completes, click "Finish" to start the program automatically or launch AVG Anti-Spyware by double-clicking its icon on your desktop or in the system tray.
• The main "Status" menu will appear. Select "Change state" to inactivate 'Resident Shield' and 'Automatic Updates'.
• Then right click on AVG Anti-Spyware in the system tray and uncheck "Start with Windows".

Go to Start > Run and type: services.msc

• Press "OK".
• Click the "Extended tab" and scroll down the list to find AVG Anti-Spyware guard.
• When you find the guard service, double-click on it.
• In the Properties Window > General Tab that opens, click the "Stop" button.
• From the drop-down menu next to "Startup Type", click on "Manual".
• Now click "Apply", then "OK" and close the Services window.
• Select the "Update" button and click "Start update". Wait until you see the "Update successful message. If you are having problems with the updater, manually update with the AVG Anti-Spyware Full database installer from here.

Once the updates are installed do the following:
Click on the " Scanner" button and choose the " Settings" tab.

• Under "How to act?", click on "Recommended actions" and choose "Quarantine" to set default action for detected malware.
• Under "How to Scan?" check all (default).
• Under "Possibly unwanted software" check all (default).
• Under "What to Scan?" make sure "Scan every file" is selected (default).
• Under "Reports" select "Automatically generate report after every scan" and UNcheck "Only if threats were found".

Close the application and reboot the computer into Safe mode. Once in safe mode continue with the instructions below:

Open the AVG Anti-Spyware application and click the " Scan" tab.
Click " Complete System Scan" to start.

Note: Close all open windows, programs, and DO NOT USE the computer while AVG Anti-Spyware is scanning. If Explorer or other programs are open during the scan that means certain files will also be in use. Some malware will insert itself and hide in areas that are "protected" by Windows when the files are being used. This can hamper AVG Anti-Spyware's ability to clean properly and may result in reinfection.

Note: If AVG Anti-Spyware "crashes" or "hangs" during the scan, try scanning again by doing this:

• Scan one sector of the system at a time by using the "Custom Scan" feature. To do this select Scanner > Custom Scan and click on Add drive/directory/file. Browse to C:\Windows > System, add this folder to the list and click on "Start Scan". When the scan is complete, repeat the Custom Scan but this time, browse to and add the System32 folder. Then keep repeating this procedure until all your folders have been scanned. Make sure you include the Documents & Settings folder.
• If this still does not help, then turn the ADS scanner off while making a Custom Scan. To do this select Scanner > Scan Settings and untick "Scan in NTFS Alternate Data Streams". Then repeat the steps above for performing a Custom Scan.

When the scan has finished you will be presented with a list of infected objects found. Click " Apply all actions" to place the files in Quarantine.

IMPORTANT! Do not save the report before you have clicked the Apply all actions button. If you do, the log that is created will indicate " No action taken", making it more difficult to interpret the report. So be sure you save it only AFTER clicking the "Apply all actions" button?

Click on " Save Report" to view all completed scans. Click on the most recent scan you just performed and select " Save report as" - the default file name will be in date/time format as follows: Report-Scan-20060620-142816.txt. Save to your desktop. A copy of each report will also be saved in C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Reports\

Exit AVG Anti-Spyware when done.

---

Reboot back to your normal windows user mode and post the AVG Anti-Spyware scan log. Thanks!

OK, sure thing. The log does appear to be clean. It's more than likely other issues relating to cleanup and maintenance. I'll repost for you here what you were referring to without sending you back to another thread:

Computer and browser slowness are not always malware related.

Poor performance can be the result of disk fragmentation, disk errors, corrupt system files, too many startup programs, unnecessary services running, not enough RAM, etc.

As your system gets older it becomes filled with more files/programs and has a natural tendency to slow down so regular maintenance is essential. Outlined below are Ten Steps for PC Health that will help you to improve and speed up your system's performance. For those users who would like this information stored on board your own computer, please see the instructions at the end for "Create a "New Folder" in your Browser Favorites List":

1. 
   
2. For browser problems, see:
   • Its not always malware...
   • How and Why to Clear Your Cache
3. If your having connectivity issues or errors such as Page cannot be displayed see:
   • Repair/Reset Winsock settings
   • Troubleshooting Internet Connection Problems
   
   
4. Defrag your system.
5. 
   A fragmented disk slows the overall performance of your system. When files are fragmented, the computer must search the hard disk for all the fragments to a file when you attempt to open it which slows down the opening process.
   
   Another benefit is that the Free Space available will also be consolidated into one space on the hard disk.
   
   Fragmentation occurs when the operating system cannot or will not allocate enough contiguous space to store a complete file as a unit, but instead puts parts of it in gaps between other files (usually those gaps exist because they formerly held a file that the operating system has subsequently deleted or because the operating system allocated excess space for the file in the first place).
   
   As advances in technology bring larger disk drives, the performance loss due to fragmentation squares with each doubling of the size of the drive. Larger files and greater numbers of files also contribute to fragmentation and consequent performance loss. Defragmentation attempts to alleviate these problems.
   
   Disk Defragmenter consolidates fragmented files and folders ( and free space) on the hard disk so that each occupies a single space on the disk. This speeds up reading and writing to the disk. Read The Importance of Disk Defragmentation for instructions.
   
   
6. Check for disk errors
7. • Run CHKDSK in Safe Mode or from the Recovery Console.
   • In the Check Disk dialog box, select the Scan for and attempt recovery of bad sectors check box, click "Start" and instantly the repair/recovery process begins. When it completes your system should reboot on it's own.
   As you use your hard drive, it can develop bad sectors which slow down hard disk performance and make data writing difficult. "Check Disk" scans the hard drive and verifies the logical integrity of a file system by checking for system errors, lost clusters, lost chains, and bad sectors. When encountering logical inconsistencies in file system data, it will perform the necessary actions to repair the file system data.
   
   
8. Check for damaged, altered or missing critical system files
9. Run the System File Checker. If SFC discovers that a protected file has been damaged, altered or is missing, it restores the correct version of the file from the cache folder. You must be logged on as an "Administrator" or as a member of the Administrators group to run sfc and it may ask you to insert your XP Installation CD so have it available.
10. 
    
11. Clean up your hard drive
12. Remove unused programs, transfer old data, pictures and music files etc. to a CD or an external hard drive. When you have moved/saved the files you want to keep, run:
13. Disk Cleanup and let it scan your system for files to remove.
14. Dont clean out the Prefetch folder for general maintenance reasons - This is a common myth that will not improve performance. You should only remove prefetch files when you've been instructed to after a malware cleanup investigation.
    
    Prefetch files will be re-created by windows when the need arises. The folder can become quite bloated after a while due to programs you've previously opened. The prefetched items actually assist with speeding the boot up process as well as opening those programs that you've opened before. Emptying the folder causes no irreparable harm but will result in a slow boot up on your first reboot when the folder has been emptied. Subsequent reboots will be back to normal.
    
    As an alternative to Disk Cleanup you can download and scan with CCleaner.
    CCleaner installs the Yahoo Toolbar as an option which IS checkmarked by default during the installation. IF you do NOT want it, REMOVE the checkmark when provided with the option OR download the toolbarfree Basic version instead of the Standard Build.
    • After installation, see the Using and Understanding CCleaner Tutorial.
    • An added benefit of using CCleaner is the "Issues" scan which allows you to clean the registry.
    • Always back up your registry before making any changes.
    • When done using CCleaner's "Issues" scan, I highly recommend following the steps in PCBruiser's/Registry Maintenance
    .
    
15. Check for any unnecessary running services.
16. 
    If you have a typical installation, many services are configured as "automatic"...that is, they start automatically when Windows starts or when the service is called for the first time. Use Black Viper's Services Configuration to help fine tune this area.
    
    
17. Check for any unnecessary applications loading at startup
18. 
    ...By using MSConfig. Some startup programs are necessary so be careful what you disable.
    
    If you are unsure what any of the startup entries are or if they are safe to disable, then search one of the following Startup Databases:
    StartupList Index
    Startup Programs Database
    
    Note: MSConfig.exe is a troubleshooting utility used to diagnose system configuration issues. Although it works as a basic startup manager which allows you to enable/disable auto-start programs, msconfig should not be used routinely to disable startup programs. Instead, navigate the software you want to disable from startup for the "preferences" settings and configure it as appropriate.
    
    A better alternative is to use a startup manager. If you have Spybot S&D 1.4 installed, launch it, go to Mode and select Advanced. Then go to Tools, select System Startups. You will be provided with a list of programs that load when Windows starts. If you untick an entry it will no longer run at startup. This will allow you to experiment and see how your system performs with any of them disabled. Other startup managers you can download and use for free are Startup Control Panel, Autoruns and Starter by CodeStuff.
    
    
19. Remove any third party Memory Manager or Optimizer.
20. 
    Windows XP memory management was designed to make the best use of Ram and these memory management utilities defeat that purpose. They push applications out of RAM into the pagefile, creating holes in the RAM and by doing so, slow down your computer.
    
    
21. Disable some visual effects.
22. 
    While visual embellishments may be attractive, they do nothing else for you. Disabling some of them frees up system resources and makes the operating system perform better. Right click My Computer, choose Properties, then Advanced. Click on Settings under "performance" and UNcheck all the visual effects, except for the last three. Click "Apply", then "OK", then "OK" again. Then right click your desktop and choose Properties, then Appearance, then Effects... Uncheck the first two boxes and hit "OK".
    
    
23. Adding more RAM
24. 
    ...is a quick solution that can have a dramatic affect on your system's speed and responsiveness. You can check how much RAM you have by going to Start then All Programs. From there, find Accessories then System Tools and locate the System Information option from the menu list and look at your System Summary. For more info see Understanding, Identifying and Upgrading the RAM in your PC.
    For more suggestions and performance tips read:
    Restore Your Computer's Performance with Windows XP
    XP Performance Tweaks
    Performance Boost for XP
    
    When you are all done be sure to Create a new Restore Point to enable your computer to " roll-back" to a clean working state keeping all the changes you just made.
    
    For those users who would like to store this information on board their own computers:
    
    These instructions are peculiar to only Internet Explorer version 7. It is assumed that users of any other browsers already know how to create a new folder to store bookmarks. If you need instructions for a different browser, please see that browser's support pages.
    
    Create a "New Folder" in your Browser Favorites List"
    
    For each category outlined above that contains a hyperlink, you can create a "New Folder" in your browser Favorites list.
    
    To accomplish that just click on a link from one of the categories and when the web page loads, click the Add to Favorites button in the upper left corner of the tool bar (It's the little gold star that has the green plus sign overlaid).
    
    Scroll to Add to Favorites from the menu drop box and click on it. When the "Add a Favorite" dialogue box opens, click the New Folder button. Name the folder the same as the category...for example "For browser problems" and click the Create button. Now, to check your work, click the Favorites button (from your toolbar, it's the gold star in the far left next to the button you clicked previously), Look for the folder you created and click on it. You should find the link that you bookmarked.
    
    You can create folders for each category you want and bookmark the related links to store in each.
    
    
    Best Regards,
    and Happy Surfing...
    

Vet,

I have been through the speed checkups and it's still slow. I ran the AVG anti virus scan (thorough, but not archives) and it picked up a virus. I couldn't get it to print up a log so I'll just give you the details from the "Chest":
Name: pskavs.dll
Original location: C:\windows\system32\ActiveScan
Virus: Win32:CTX

I'll post another HJT log too. Hopefully you can find something?

Thanks,

L

PS Don't be shy about telling me what to do. I'll follow your lead in this stuff.

HijackThis
------------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 11:24:59 AM, on 5/21/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\toshiba\ivp\ism\ivpsvmgr.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshibadirect.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://toshibadirect.com/
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe /run
O4 - HKLM\..\Run: [IVPServiceMgr] C:\toshiba\ivp\ism\ivpsvmgr.exe
O4 - HKLM\..\Run: [DXDllRegExe] C:\WINDOWS\system32\dxdllreg.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\pc tools\lsp\pctlsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\spyware doctor\filterlsp.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqaio/downloads/sysinfo.cab
O16 - DPF: {4CCA4E80-9259-11D9-AC6E-444553544200} (FixController Control) - http://h30155.www3.hp.com/ediags/dd/install/HPInstallMgr_v01_4.cab
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Vet, Also,I could not get the firewall set up. I get an error message, "could not longin to the TrueVector service"??? Thanks, L